package com.zingrow.common.filter;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;

import org.springframework.context.ApplicationContext;

import com.zingrow.web.user.model.UserPermission;
import com.zingrow.web.user.service.IPermissionService;
import com.zingrow.web.user.service.impl.PermissionService;
import com.zingrow.web.user.model.ActiveUser;
import com.zingrow.common.utils.SpringContextUtil;
import com.zingrow.web.base.controller.BaseController;

public class SessionUserFilter implements Filter {

	public FilterConfig config;

	public void destroy() {
		this.config = null;
	}

	IPermissionService bean = (IPermissionService) SpringContextUtil.getBean("permissionService",
			IPermissionService.class);

	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
			throws IOException, ServletException {
		BaseController s = new BaseController();
		HttpServletRequest httpRequest = (HttpServletRequest) request;
		HttpServletResponseWrapper wrapper = new HttpServletResponseWrapper((HttpServletResponse) response);
		// 登录登陆页面
		String logonStrings = config.getInitParameter("logonStrings");
		// 没有权限跳转至登录页面
		String redirectPath = httpRequest.getContextPath() + config.getInitParameter("redirectPath");
		ActiveUser user = s.getUser(httpRequest);
		// String[] includeList = includeStrings.split(";");
		// 对登录页面不进行过滤
		if (httpRequest.getRequestURI().contains(logonStrings)) {
			chain.doFilter(request, response);
			return;
		}
		if (user.getUserAccount() != null || user.getUserAccount().equals("")) {
			// 判断系统管理权限
			if (httpRequest.getRequestURI().contains("system")) {
				int j = 0;
				UserPermission us = bean.selectbyuserid(user.getUserAccount());
				String[] u = us.getPermissionId().split(",");
				for (int i = 0; i < u.length; i++) {
					if (u[i].equals("6"))
						j++;
				}
				if (j <= 0) {
					// 没有权限，跳至首页
					wrapper.sendRedirect(redirectPath);
					return;
				} else {
					chain.doFilter(request, response);
					return;
				}
			}
			// 判断日志权限
			else if (httpRequest.getRequestURI().contains("operation")) {
				int j = 0;
				UserPermission us = bean.selectbyuserid(user.getUserAccount());
				String[] u = us.getPermissionId().split(",");
				for (int i = 0; i < u.length; i++) {
					if (u[i].equals("7"))
						j++;
				}
				if (j <= 0) {
					// 没有权限，跳至首页
					wrapper.sendRedirect(redirectPath);
					return;
				} else {
					chain.doFilter(request, response);
					return;
				}
			}
			// 判断客户管理权限
			else if (httpRequest.getRequestURI().contains("clients")) {
				int j = 0;
				UserPermission us = bean.selectbyuserid(user.getUserAccount());
				String[] u = us.getPermissionId().split(",");
				for (int i = 0; i < u.length; i++) {
					if (u[i].equals("5"))
						j++;
				}
				if (j <= 0) {
					// 没有权限，跳至首页
					wrapper.sendRedirect(redirectPath);
					return;
				} else {
					chain.doFilter(request, response);
					return;
				}
			}
			// 判断资源调配权限
			else if (httpRequest.getRequestURI().contains("resource")) {
				int j = 0;
				UserPermission us = bean.selectbyuserid(user.getUserAccount());
				String[] u = us.getPermissionId().split(",");
				for (int i = 0; i < u.length; i++) {
					if (u[i].equals("4"))
						j++;
				}
				if (j <= 0) {
					// 没有权限，跳至首页
					wrapper.sendRedirect(redirectPath);
					return;
				} else {
					chain.doFilter(request, response);
					return;
				}
			}
			// 判断报告管理权限
			else if (httpRequest.getRequestURI().contains("report")) {
				int j = 0;
				UserPermission us = bean.selectbyuserid(user.getUserAccount());
				String[] u = us.getPermissionId().split(",");
				for (int i = 0; i < u.length; i++) {
					if (u[i].equals("3"))
						j++;
				}
				if (j <= 0) {
					// 没有权限，跳至首页
					wrapper.sendRedirect(redirectPath);
					return;
				} else {
					chain.doFilter(request, response);
					return;
				}
			}
			// 判断方案管理权限
			else if (httpRequest.getRequestURI().contains("programme")) {
				int j = 0;
				UserPermission us = bean.selectbyuserid(user.getUserAccount());
				String[] u = us.getPermissionId().split(",");
				for (int i = 0; i < u.length; i++) {
					if (u[i].equals("2"))
						j++;
				}
				if (j <= 0) {
					// 没有权限，跳至首页
					wrapper.sendRedirect(redirectPath);
					return;
				} else {
					chain.doFilter(request, response);
					return;
				}
			}
			// 判断信息管理权限
			else if (httpRequest.getRequestURI().contains("message")) {
				int j = 0;
				UserPermission us = bean.selectbyuserid(user.getUserAccount());
				String[] u = us.getPermissionId().split(",");
				for (int i = 0; i < u.length; i++) {
					if (u[i].equals("1"))
						j++;
				}
				if (j <= 0) {
					// 没有权限，跳至首页
					wrapper.sendRedirect(redirectPath);
					return;
				} else {
					chain.doFilter(request, response);
					return;
				}
			}
		}
	}

	public void init(FilterConfig filterConfig) throws ServletException {
		config = filterConfig;
	}
}
